ThreatMapper – Identify Vulnerabilities In Running Containers, Images, Hosts And Repositories
The Deepfence Runtime Threat Mapper is a subset of the Deepfence cloud native workload protection platform, released as a community...
Tools
Burpsuite-Copy-As-XMLHttpRequest – Copy As XMLHttpRequest BurpSuite Extension
The extension adds a context menu to BurpSuite that allows you to copy multiple requests as Javascript's XmlHttpRequest, which simplifies...
Scylla – The Simplistic Information Gathering Engine | Find Advanced Information On A Username, Website, Phone Number, Etc…
Scylla is an OSINT tool developed in Python 3.6. Scylla lets users perform advanced searches on Instagram & Twitter accounts,...
UAC – Unix-like Artifacts Collector
UAC is a Live Response collection tool for Incident Response that makes use of built-in tools to automate the collection...
Maigret – OSINT Username Checker. Collect A Dossier On A Person By Username From A Huge Number Of Sites
The Commissioner Jules Maigret is a fictional French police detective, created by Georges Simenon. His investigation method is based on...
Watson – Enumerate Missing KBs And Suggest Exploits For Useful Privilege Escalation Vulnerabilities
Watson is a .NET tool designed to enumerate missing KBs and suggest exploits for Privilege Escalation vulnerabilities.Supported VersionsWindows 10 1507,...
SharpHound3 – C# Data Collector For The BloodHound Project
Get SharpHoundThe latest build of SharpHound will always be in the BloodHound repository here Compile InstructionsSharpHound is written using C#...
DefenderCheck – Identifies The Bytes That Microsoft Defender Flags On
Quick tool to help make evasion work a little bit easier. Takes a binary as input and splits it until...
SharpGPOAbuse – Tool To Take Advantage Of A User’S Edit Rights On A Group Policy Object (GPO) In Order To Compromise The Objects That Are Controlled By That GPO
SharpGPOAbuse is a .NET application written in C# that can be used to take advantage of a user's edit rights...
Tuf – A Framework For Securing Software Update Systems
This repository is the reference implementation of The Update Framework (TUF). It is written in Python and intended to conform...
SecretScanner – Find Secrets And Passwords In Container Images And File Systems
Deepfence SecretScanner can find any potential secrets in container images or file systems. What are Secrets?Secrets are any kind of...
SharpDPAPI – A C# Port Of Some Mimikatz DPAPI Functionality
SharpDPAPI is a C# port of some DPAPI functionality from @gentilkiwi's Mimikatz project.I did not come up with this logic,...
Seatbelt – A C# Project That Performs A Number Of Security Oriented Host-Survey “Safety Checks” Relevant From Both Offensive And Defensive Security Perspectives
Seatbelt is a C# project that performs a number of security oriented host-survey "safety checks" relevant from both offensive and...
Rubeus – C# Toolset For Raw Kerberos Interaction And Abuses
Rubeus is a C# toolset for raw Kerberos interaction and abuses. It is heavily adapted from Benjamin Delpy's Kekeo project...
InveighZero – Windows C# LLMNR/mDNS/NBNS/DNS/DHCPv6 Spoofer/Man-In-The-Middle Tool
InveighZero is a C# LLMNR/NBNS/mDNS/DNS/DHCPv6 spoofer and man-in-the-middle tool designed to assist penetration testers/red teamers that find themselves limited to...
ClearURLs – An Add-On Based On The New WebExtensions Technology And Will Automatically Remove Tracking Elements From URLs To Help Protect Your Privacy
ClearURLs is an add-on based on the new WebExtensions technology and is optimized for Firefox and Chrome based browsers. This...
Android_Hid – Use Android As Rubber Ducky Against Another Android Device
Use Android as Rubber Ducky against another Android device HID attack using AndroidUsing Android as Rubber Ducky against Android. This...
KICS – Find Security Vulnerabilities, Compliance Issues, And Infrastructure Misconfigurations Early In The Development Cycle Of Your Infrastructure-As-Code
Find security vulnerabilities, compliance issues, and infrastructure misconfigurations early in the development cycle of your infrastructure-as-code with KICS by Checkmarx....
Boomerang – A Tool To Expose Multiple Internal Servers To Web/Cloud
Boomerang is a tool to expose multiple internal servers to web/cloud using HTTP+TCP Tunneling. The Server will expose 2 ports...
BadOutlook – (Kinda) Malicious Outlook Reader
A simple PoC which leverages the Outlook Application Interface (COM Interface) to execute shellcode on a system based on a...
CallObfuscator – Obfuscate Specific Windows Apis With Different APIs
Obfuscate (hide) the PE imports from static/dynamic analysis tools. TheoryThis's pretty forward, let's say I've used VirtualProtect and I want...
Search-That-Hash – Searches Hash APIs To Crack Your Hash Quickly, If Hash Is Not Found Automatically Pipes Into HashCat
The Fastest Hash Cracking System pip3 install search-that-hash && sth Tired of going to every website to crack your hash?...
Obfuscation_Detection – Collection Of Scripts To Pinpoint Obfuscated Code
Automatically detect control-flow flattening and other state machines Author: Tim BlazytkoDescription:Scripts and binaries to automatically detect control-flow flattening and other state...
cve_manager_VS – A Collection Of Python Apps And Shell Scripts To Email An Xlsx Spreadsheet Of New Vulnerabilities In The NIST CVE Database And Their Associated Products On A Daily Schedule
A collection of python apps and shell scripts to email an xlsx spreadsheet of new vulnerabilities in the NIST CVE...
